Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-10161 | 1 Oracle | 1 Agile Engineering Data Management | 2019-10-02 | 5.8 MEDIUM | 4.8 MEDIUM |
| Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite (subcomponent: Web Services Security). Supported versions that are affected are 6.1.3.0 and 6.2.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Engineering Data Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Engineering Data Management accessible data as well as unauthorized read access to a subset of Oracle Engineering Data Management accessible data. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). | |||||
| CVE-2017-3730 | 2 Openssl, Oracle | 7 Openssl, Agile Engineering Data Management, Communications Application Session Controller and 4 more | 2019-04-25 | 5.0 MEDIUM | 7.5 HIGH |
| In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack. | |||||
| CVE-2016-3428 | 1 Oracle | 1 Agile Engineering Data Management | 2017-09-02 | 1.8 LOW | 3.1 LOW |
| Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect availability via vectors related to Engineering Communication Interface. | |||||
| CVE-2016-3468 | 1 Oracle | 1 Agile Engineering Data Management | 2017-08-31 | 10.0 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Install. | |||||
| CVE-2016-0497 | 1 Oracle | 1 Agile Engineering Data Management | 2016-12-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.2.2, 6.1.3.0, and 6.2.0.0 allows remote attackers to affect integrity via unknown vectors related to Web Client. | |||||
| CVE-2016-0498 | 1 Oracle | 1 Agile Engineering Data Management | 2016-12-07 | 1.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.2.2, 6.1.3.0, and 6.2.0.0 allows local users to affect confidentiality via unknown vectors related to Install. | |||||
| CVE-2016-5518 | 1 Oracle | 1 Agile Engineering Data Management | 2016-11-28 | 6.8 MEDIUM | 8.1 HIGH |
| Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to webfileservices. | |||||